Summary
A CISA contractor placed administrative AWS GovCloud keys and internal system credentials on a public GitHub repository for months by disabling automated security blocks. The exposure included plaintext passwords for critical DevSecOps environments and internal code repositories, creating a significant supply chain risk.
Read the full article on BeyondMachines
This article was originally published on BeyondMachines
Top comments (0)